package com.shirotest.shiro_test.cofig;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;

/**
 * @Author: 秃头不用洗发水
 * @Date: 2021-03-21
 * @Description:
 */
public class ShiroRealm extends AuthorizingRealm {

@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        System.out.println("授权：doGetAuthorizationInfo");
        return null;
        }

@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        System.out.println("验证：doGetAuthenticationInfo");
        String username = "root";
        String password = "123456";
        //再转化为token
        UsernamePasswordToken userToken = (UsernamePasswordToken) authenticationToken;
        if (!userToken.getUsername().equals(username)){
                return null;
                //抛出异常,unknown
        }
        //密码验证不需要操作,shiro自动验证
        return new SimpleAuthenticationInfo("",password,"");
        }
        }
